dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
9
share rss forum feed

Mele20
Premium
join:2001-06-05
Hilo, HI
kudos:4
reply to Krisnatharok

Re: Facebook now wants your personal phone number....

What do you mean by "lower tiered accounts"? How is an ISP's email account "lower tiered" than what?

I have not ever heard of my ISP's mail servers being hacked and my mail accounts (6-7 I think I have) being compromised. I've had this ISP for over 10 years.

Surely you don't mean that you believe a lot of users use the same passwords they have for their various ISP's mail accounts, where there has to be a different password for each email account, on websites like here for login? And because of "massive hacks" those websites are compromised and the user's password is gotten and somehow the hacker associates that password with the user's ISP's email account that stupidly uses the same password? How would the hacker know what email account the user had?

I'm not following your reasoning. I mean, your email password from one of your 10 or more accounts (my ISP allows us 10 accounts for standard Road Runner and if I upgrade to Turbo I think I get 25 email accounts) would never be your password on a website where you registered with one exception if you used your email account here at dslr! I don't remember a SINGLE one of my email accounts passwords for all the accounts I have with my ISP. They are automatically remembered by Outlook Express, Opera mail, and SeaMonkey mail so how could I use any of them as login for a website where I gave that email address? I'd have to go fish out the written record of the passwords. What a hassle. I wouldn't do that besides it is stupid to do that. I'm not following your reasoning at all.

I don't have a Facebook account. I block Facebook in HostsMan but if I had one I would never give my unlisted, unpublished phone number to Facebook. If I had an account it would all be lies anyway so I wouldn't care if it couldn't be verified.
--
When governments fear people, there is liberty. When the people fear the government, there is tyranny. Thomas Jefferson



NetFixer
From my cold dead hands
Premium
join:2004-06-24
The Boro
Reviews:
·Cingular Wireless
·Comcast Business..
·Vonage
·Comcast

Not everyone is as conscientious about privacy and security as you, Mele. Many people do indeed reuse the same passwords for multiple unrelated accounts, and also reuse login names for multiple accounts (not just email accounts).

Also, you are forgetting about OpenID which allows one username/password for accessing many different sites and email accounts ("One ring to rule them all" comes to mind). This site uses OpenID for those who want to use it.




Normally, I don't see the OpenID login for this site because the server to which it connects is blocked by NoScript, but I temporarily allowed it to show so I could get the screen shot. I don't know if FB is a member of OpenID, and since I don't have a FB account (and can't access the site because my perimeter firewall blocks it), I can't find out. My guess would be that FB is a member since that is exactly the kind of sharing that drives that site.
--
A well-regulated militia, being necessary to the security of a free State, the right of the people to keep and bear arms shall not be infringed.


chrisretusn
Retired
Premium
join:2007-08-13
Philippines
kudos:1
Reviews:
·PLDT
·Comcast
reply to Mele20

I am trying to figure out were ISP was mentioned in Krisnatharok See Profile's post.
--
Chris
Living in Paradise!!


Mele20
Premium
join:2001-06-05
Hilo, HI
kudos:4

He didn't mention ISPs. He said email accounts were an example of lowered tiered accounts. I didn't understand that. To me, most email accounts are ISP email accounts and that is why I challenged his comment that ISP email accounts are massively hacked. I don't think they are.

As for OpenID, I don't see how that could be used to login into your ISP's say 10 to 25 email accounts that you have set up. I have to set up each email account I have (including my dslr email account) in OE, in SeaMonkey mail, and in Opera mail and I have to supply the password for each account when setting it up in these email clients that I use. I can't use any password for dslr mail except my dslr site password. As for my ISP's email accounts (10-25 available based on either standard or Turbo speed), I had to supply a password for each account when setting it up in Road Runner Member accounts page. The Master RR email account is never used as it has the user's name in it rendering it useless if you are the least bit privacy conscious as you cannot change that master account to remove your name and id from it. How would I use OpenID as a password for each of these accounts? It is not possible. I never type the passwords after setting up each account. My browsers that have email clients and Outlook Express remember the passwords. I avoid like the plague having to use RR webmail which AWFUL. I use SeaMonkey, Opera, and OE mail and I get all accounts including dslr in those email clients.

I still don't know what he is getting at and that is why I asked. Why would I need OpenID for email accounts? And how would OpenID make it easier than it already is to have SeaMonkey, Opera or OE check for new mail? I guess my puzzlement is due to his saying email accounts are "lower tier" and thus prone to hacking. My ISP has never had email accounts hacked as far as I know (although DSLR has been hacked and I am so thankful I was not one of the victims and I wish Justin would follow through on his promise to fix it since my password here is the same as my dslr mail password and we can't have a different password for dslr mail) and what does "lower tier" mean?

My point to him was that if you only type your ISP's mail accounts passwords when you first set them up and then you have your email clients (be that OE or web browsers, etc) remember them for you why would you ever be tempted to use them as your login on some website? I don't understand that at all. The only way a hacker could get your various ISP email account passwords would be if he/she hacked Road Runner gateway email servers or hacked RoadRunner User Accounts. I have never heard of that happening. I can see though if you have an email account here at dslr AND you used your dslr password at other sites then, sure, you could be in a world of trouble because Justin has still not fixed the problem. But how many people have email accounts at dslr and of those when this site was hacked most who posted in the thread about it said they did NOT reuse their password here anywhere else partly because it is same password for email here as for the site itself and it would be stupid to reuse it.
--
When governments fear people, there is liberty. When the people fear the government, there is tyranny. Thomas Jefferson


dave
Premium,MVM
join:2000-05-04
not in ohio
kudos:8
Reviews:
·Verizon FiOS

said by Mele20:

He said email accounts were an example of lowered tiered accounts.

No he did not.

said by Krisnatharok:

Many people have lower tiered accounts compromised--say an email address and password.

An 'email address' is not 'an account'. An email address is an email address. Many sites that provide accounts use an email address as an identifier for an account, but that does not make the email address equal the account, nor does it make the account equal the email address.

-----

By 'lower tiered' I assume he means an account you don't much care about: e.g., I have an account at crucial.com, identified (I think) by email address, because I needed to ask a support question one time. Or maybe he means an account at a site where they don't have industrial-strength security because they're not really dealing with high-value data (which is the same thing to me as an 'account I don't much care about'). Either way, I don't much worry about breaches there, but it would expose my email address, though not any password I cared about.